Questo contenuto non è disponibile nella lingua selezionata.

Chapter 11. Deploying Security Domains


Modular Security Domain
A security domain deployment method, where the security domain declaration is included in a deployment descriptor . A modular security domain takes the form *-jboss-beans.xml. It is included in the META-INF directory of EJB Jars, or the WEB-INF directory of web application (WAR).
Deployment Descriptor
A declarative XML configuration file that describes the deployment settings of an application. The way an application is deployed can be changed within this file, eliminating the need to make changes to the underlying code of the application.
There are two ways of deploying a security domain in JBoss Enterprise Application Platform:
  1. Declare the security domain in the jboss-as/server/$PROFILE/conf/login-config.xml file.
  2. Create and deploy a modular security domain.

Procedure 11.1. Modular Security Domain configuration

Follow this procedure to configure a basic modular security domain deployment descriptor with two domains for EJB and web applications.
Each domain uses the UsersRolesLoginModule for the authorization policy, however you are not limited to this login module when creating a modular security domain. Refer to Section 12.1, “Using Modules” for additional login modules shipped with JBoss Enterprise Application Platform.
  1. Create deployment descriptor

    You must create a deployment descriptor file to contain the security domain configuration.
    If you have already created a deployment descriptor for your application, you can skip this step and proceed to step 2.
    The file name takes the format [domain_name]-jboss-beans.xml. While the domain_name is arbitrary, you should choose a name that is meaningful to the application ensure the name of the deployment descriptor is unique across the server profile.
    The file must contain the standard XML declaration, and a correctly configured <deployment> element.
    <?xml version="1.0" encoding="UTF-8"?>
    
    <deployment xmlns="urn:jboss:bean-deployer:2.0">
    
    
    </deployment>
    Copy to Clipboard Toggle word wrap
  2. Define application policies

    Individual security domains are defined within the <deployment> element.
    In the example below, two security domains are specified. Each authentication policy uses the same login module, and module parameters.

    Note

    Other login modules are available for use with the Enterprise Application Platform. For more information about the available login modules, refer to Section 12.1, “Using Modules”
    <?xml version="1.0" encoding="UTF-8"?>
    
    <deployment xmlns="urn:jboss:bean-deployer:2.0">
    
      <application-policy xmlns="urn:jboss:security-beans:1.0" name="web-test">
        <authentication>
          <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
            <module-option name="unauthenticatedIdentity">anonymous</module-option>
            <module-option name="usersProperties">u.properties</module-option>
            <module-option name="rolesProperties">r.properties</module-option>
          </login-module>
        </authentication>
      </application-policy>
    
      <application-policy xmlns="urn:jboss:security-beans:1.0" name="ejb-test">
        <authentication>
          <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
            <module-option name="unauthenticatedIdentity">anonymous</module-option>
            <module-option name="usersProperties">u.properties</module-option>
            <module-option name="rolesProperties">r.properties</module-option>
          </login-module>
        </authentication>
      </application-policy>
    
    </deployment>
    
    Copy to Clipboard Toggle word wrap
  3. Deploy or package the deployment descriptor

    Move the deployment descriptor file to the jboss-as/server/$PROFILE/deploy directory of the required server profile in your installation.
    If you are distributing your application to a wider audience, package the deployment descriptor in the META-INF directory of the EJB Jar, or the WEB-INF directory of your web application (WAR).
Torna in cima
Red Hat logoGithubredditYoutubeTwitter

Formazione

Prova, acquista e vendi

Community

Informazioni sulla documentazione di Red Hat

Aiutiamo gli utenti Red Hat a innovarsi e raggiungere i propri obiettivi con i nostri prodotti e servizi grazie a contenuti di cui possono fidarsi. Esplora i nostri ultimi aggiornamenti.

Rendiamo l’open source più inclusivo

Red Hat si impegna a sostituire il linguaggio problematico nel codice, nella documentazione e nelle proprietà web. Per maggiori dettagli, visita il Blog di Red Hat.

Informazioni su Red Hat

Forniamo soluzioni consolidate che rendono più semplice per le aziende lavorare su piattaforme e ambienti diversi, dal datacenter centrale all'edge della rete.

Theme

© 2025 Red Hat